ID CVE-2013-6337
Summary Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
References
Vulnerable Configurations
  • Wireshark 1.10.0
    cpe:2.3:a:wireshark:wireshark:1.10.0
  • Wireshark Wireshark 1.10.1
    cpe:2.3:a:wireshark:wireshark:1.10.1
  • Wireshark Wireshark 1.10.2
    cpe:2.3:a:wireshark:wireshark:1.10.2
  • Wireshark 1.8.8
    cpe:2.3:a:wireshark:wireshark:1.8.8
  • Wireshark 1.8.9
    cpe:2.3:a:wireshark:wireshark:1.8.9
  • Wireshark 1.8.7
    cpe:2.3:a:wireshark:wireshark:1.8.7
  • Wireshark 1.8.6
    cpe:2.3:a:wireshark:wireshark:1.8.6
  • Wireshark 1.8.5
    cpe:2.3:a:wireshark:wireshark:1.8.5
  • Wireshark 1.8.4
    cpe:2.3:a:wireshark:wireshark:1.8.4
  • Wireshark 1.8.3
    cpe:2.3:a:wireshark:wireshark:1.8.3
  • Wireshark 1.8.2
    cpe:2.3:a:wireshark:wireshark:1.8.2
  • Wireshark Wireshark 1.8.10
    cpe:2.3:a:wireshark:wireshark:1.8.10
  • Wireshark 1.8.1
    cpe:2.3:a:wireshark:wireshark:1.8.1
  • Wireshark 1.8.0
    cpe:2.3:a:wireshark:wireshark:1.8.0
CVSS
Base: 4.3 (as of 05-11-2013 - 08:58)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2792.NASL
    description Multiple vulnerabilities were discovered in the dissectors for IEEE 802.15.4, NBAP, SIP and TCP, which could result in denial of service. The oldstable distribution (squeeze) is only affected by CVE-2013-6340. This problem has been fixed in version 1.2.11-6+squeeze13.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 70749
    published 2013-11-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70749
    title Debian DSA-2792-1 : wireshark - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_WIRESHARK-131106.NASL
    description Wireshark has been updated to version 1.8.11 to fix bugs and security issues.
    last seen 2019-02-21
    modified 2014-03-15
    plugin id 71138
    published 2013-11-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71138
    title SuSE 11.2 / 11.3 Security Update : wireshark (SAT Patch Numbers 8503 / 8504)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-20829.NASL
    description Harden dumpcap capabilities - Ver. 1.10.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 70790
    published 2013-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70790
    title Fedora 19 : wireshark-1.10.3-2.fc19 (2013-20829)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS11_WIRESHARK_20131217.NASL
    description The remote Solaris system is missing necessary patches to address security updates : - The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. (CVE-2013-6336) - Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet. (CVE-2013-6337) - The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. (CVE-2013-6338) - The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet. (CVE-2013-6339) - epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. (CVE-2013-6340)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 80810
    published 2015-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80810
    title Oracle Solaris Third-Party Patch Update : wireshark (multiple_vulnerabilities_in_wireshark8)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201312-13.NASL
    description The remote host is affected by the vulnerability described in GLSA-201312-13 (Wireshark: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 71488
    published 2013-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71488
    title GLSA-201312-13 : Wireshark: Multiple vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-0342.NASL
    description Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2014-2281, CVE-2014-2299) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6339, CVE-2013-6340, CVE-2014-2283, CVE-2013-7112, CVE-2013-7114) All Wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 73277
    published 2014-04-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73277
    title CentOS 6 : wireshark (CESA-2014:0342)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-330.NASL
    description Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2014-2281 , CVE-2014-2299) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2013-6336 , CVE-2013-6337 , CVE-2013-6338 , CVE-2013-6339 , CVE-2013-6340 , CVE-2014-2283 , CVE-2013-7112 , CVE-2013-7114)
    last seen 2019-02-21
    modified 2018-09-27
    plugin id 78273
    published 2014-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78273
    title Amazon Linux AMI : wireshark (ALAS-2014-330)
  • NASL family Windows
    NASL id WIRESHARK_1_8_11.NASL
    description The installed version of Wireshark 1.8.x is earlier than 1.8.11. It is, therefore, affected by denial of service vulnerabilities in the following dissectors : - IEEE 802.15.4 (Bug #9139) - NBAP (Bug #9168) - SIP (Bug #9228) - ActiveMQ OpenWire (Bug #9248) - TCP (Bug #9263)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 70763
    published 2013-11-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70763
    title Wireshark 1.8.x < 1.8.11 Multiple DoS Vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-20937.NASL
    description fix subpackage requires Harden dumpcap capabilities - Ver. 1.10.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 70863
    published 2013-11-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70863
    title Fedora 20 : wireshark-1.10.3-3.fc20 (2013-20937)
  • NASL family Windows
    NASL id WIRESHARK_1_10_3.NASL
    description The installed version of Wireshark 1.10.x is earlier than 1.10.3. It is, therefore, affected by denial of service vulnerabilities in the following dissectors : - IEEE 802.15.4 (Bug #9139) - NBAP (Bug #9168) - SIP (Bug #9228) - ActiveMQ OpenWire (Bug #9248) - TCP (Bug #9263)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 70762
    published 2013-11-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70762
    title Wireshark 1.10.x < 1.10.3 Multiple DoS Vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-20985.NASL
    description fix subpackage requires Harden dumpcap capabilities - Ver. 1.10.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 70834
    published 2013-11-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70834
    title Fedora 19 : wireshark-1.10.3-3.fc19 (2013-20985)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-279.NASL
    description Multiple vulnerabilities was found and corrected in Wireshark : The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet (CVE-2013-6336). Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet (CVE-2013-6337). The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet (CVE-2013-6338). The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet (CVE-2013-6339). epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet (CVE-2013-6340). This advisory provides the latest version of Wireshark (1.8.11) which is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 71074
    published 2013-11-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71074
    title Mandriva Linux Security Advisory : wireshark (MDVSA-2013:279)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-0342.NASL
    description Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2014-2281, CVE-2014-2299) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6339, CVE-2013-6340, CVE-2014-2283, CVE-2013-7112, CVE-2013-7114) All Wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 73282
    published 2014-04-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73282
    title RHEL 6 : wireshark (RHSA-2014:0342)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-848.NASL
    description the following security issues were fixed in wireshark : - The IEEE 802.15.4 dissector could crash wnpa-sec-2013-61 CVE-2013-6336 - The NBAP dissector could crash wnpa-sec-2013-62 CVE-2013-6337 - The SIP dissector could crash wnpa-sec-2013-63 CVE-2013-6338 - The OpenWire dissector could go into a large loop wnpa-sec-2013-64 CVE-2013-6339 - The TCP dissector could crash wnpa-sec-2013-65 CVE-2013-6340 + Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.8.11 .html
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75197
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75197
    title openSUSE Security Update : wireshark (openSUSE-SU-2013:1671-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-0342.NASL
    description From Red Hat Security Advisory 2014:0342 : Updated wireshark packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Wireshark is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2014-2281, CVE-2014-2299) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6339, CVE-2013-6340, CVE-2014-2283, CVE-2013-7112, CVE-2013-7114) All Wireshark users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-09-27
    plugin id 73280
    published 2014-04-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73280
    title Oracle Linux 6 : wireshark (ELSA-2014-0342)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20140331_WIRESHARK_ON_SL6_X.NASL
    description Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2014-2281, CVE-2014-2299) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6339, CVE-2013-6340, CVE-2014-2283, CVE-2013-7112, CVE-2013-7114) All running instances of Wireshark must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 73286
    published 2014-04-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73286
    title Scientific Linux Security Update : wireshark on SL6.x i386/x86_64
oval via4
accepted 2013-12-16T04:01:36.086-05:00
class vulnerability
contributors
name Shane Shaffer
organization G2, Inc.
definition_extensions
comment Wireshark is installed on the system.
oval oval:org.mitre.oval:def:6589
description Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
family windows
id oval:org.mitre.oval:def:19329
status accepted
submitted 2013-11-06T09:50:31.937-05:00
title Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3
version 5
redhat via4
advisories
rhsa
id RHSA-2014:0342
rpms
  • wireshark-0:1.8.10-7.el6_5
  • wireshark-devel-0:1.8.10-7.el6_5
  • wireshark-gnome-0:1.8.10-7.el6_5
refmap via4
confirm
debian DSA-2792
suse
  • openSUSE-SU-2013:1671
  • openSUSE-SU-2013:1675
Last major update 19-04-2014 - 00:44
Published 04-11-2013 - 11:55
Last modified 18-09-2017 - 21:36
Back to Top